Update devops workflows to OIDC

[pjhill]

Description

Kyle has an example of a PR that modifies existing devops GHA workflows to use OIDC instead of AWS secrets. This will create a security posture for our workflows. First, we need to get an inventory of all the workflows that need to be converted to OIDC and list them here. Then we can start picking away at the workflows one at a time with PRs to convert them to the OIDC pattern.

Example PR here -- https://github.com/department-of-veterans-affairs/devops/pull/13718/files Conversation here -- https://dsva.slack.com/archives/C04CYC4LMU6/p1699970664394349

Acceptance Criteria

• [ ] A list of workflows to convert to OIDC is recorded in this ticket
• [ ] A list of PRs addressing the conversion of the workflows to OIDC pattern is in this ticket

[Mandalorian-Oddball]

Status Report: I've successfully integrated the OIDC pattern into our workflows, following the example PR's approach. However, I hit a snag with a lint test failure. It appears there are syntax or style issues in the code that need addressing.

Next Steps: First, I'll dive into the lint test results to pinpoint the exact problems. My plan is to correct any syntax errors and align the code with our style guidelines. Once these adjustments are made, I'll rerun the lint test to confirm everything is in order.

Additionally, I'll conduct thorough testing of the OIDC integration to ensure it's functioning as intended and maintaining our security standards. I'll update our documentation to reflect these changes and keep the team in the loop via Slack. Finally, once all is set and the lint tests pass, I'll update our ticket with a list of all the converted workflows and their corresponding PRs, ensuring everything aligns with our acceptance criteria.

[JoeTice]

SPRINT 45 UPDATE: In Progress - Working on troubleshooting lint test failures, Keenan is moving to support this upcoming sprint, so this task will be moved to the Backlog and considered for resumption in Sprint 47